StackAnalyzer and ValueAnalyzer for ARM now support the NEON extension.

Qualification Support Kits

QSKs for MPC603e and MPC55xx have been renamed to QSKs for e300 and e200,
respectively, following the corresponding changes to the tools.

New QSK for aiT for e200: compiler-specific package for DiabData 5.9.1.0.

New QSK for aiT for MPC5xx: compiler-specific package for DiabData 5.2.1.0.

32-bit Windows support

Starting with this release, packages for 32-bit Windows are no longer
automatically dispatched, but are only available on request. Please contact
support@absint.com if you are still
using 32-bit Windows.

AbsInt Launcher

The owner of the cookie section in the XTC file is now alauncher.

Known issue

When exporting projects via “Project” →“Export”, annotations of the following form are omitted:

The GUI now allows specifying a default incarnation bound of recursions for the stack analysis.
The default incarnation bound is only used for a recursion in case no other annotation is given.
This setting can be found under “Analyses” →“Common” →“Stack analysis”.
The default is 1. The fallback can be deactivated by setting it to unlimited.
If the stack analysis uses the default incarnation bound, a warning will be issued
so that potential issues can be detected.

Similarly, the GUI now allows specifying a default loop bound and default recursion bound
for the timing analysis.
These settings can be found under “Analyses” →“Common” →“Path analysis”.
The default for each is 4.
It is possible to deactivate these fallbacks by setting them to unlimited.
The default recursion bound is only used for a recursion in case no other annotation is given.
The default loop bound is only used for a loop in case the loop analysis cannot detect any bound and no other annotation is given.
If the path analysis uses any of these default values, a warning will be issued
so that potential issues can be detected.

New value analysis framework

The PowerPC, C28x and FR81 targets have been ported to a new value analysis framework
called EVA. Other targets will follow suit in future releases.

EVA features a number of changes vs. the original value analyzer.
Certain annotations will need adjustments, e.g. interproc
flexible specifications and some value analysis specific annotations.

The most important changes are:

Unified loop and value analysis

There are no longer multiple loop analysis rounds followed by a final
value analysis round, but rather only one combined analysis phase. This affects
the output messages and reports. For example, in XML reports there will be
no separate analysis contexts for loop and value analysis, and the XML schema
was adapted for the context-sensitive value analysis results.

Different mapping computation

The parameter max-unroll no longer has any effect on the value analysis.
Instead, default-unroll now specifies the maximum unrolling limit for all loops.
This change was necessary to unify loop and value analysis and optimize the performance
for projects with infinite call-string and large unroll settings.
This means that when complete unrolling is desired, a large enough default-unroll
value must be specified. The same holds for loop-local max-unroll specifications.

Stack analysis inlines loops

Instead of regarding loops as separate routines, the new stack analysis regards them
as part of the surrounding routine. This implies that the stack height inside loops
will no longer start at 0 but at the current stack height in the surrounding routine.
Stats and reports will no longer list loops as separate routines for stack analysis.

Improved interactive value analysis

The interactive value analysis can be invoked not only for instructions
but for any block (in particular, the call nodes) as well as for routines.
This enables a better overview of the cumulative effect of that block or routine
on the value analysis results. For blocks with instructions and routines,
one can use the interactive value analysis to generate AIS annotations.
The generated annotations for instructions, normal blocks and routines
include both enter with and exit with annotations.
For targets with speculative execution, the speculative
value analysis results are displayed in a secondary tab.

Higher precision

The branch splitting has been greatly improved, and covers more compare and branch scenarios.

Optimized memory usage

Optimized speed

The analyzer will now compute the fixed-point result in a single iteration if the mapping
allows it (infinite max-length, full unrolling, and no recursions).

Expression evaluation

Values are truncated to target register sizes. e.g. if -inf..inf
is put into a 32-bit user register, it will be 32-bit full range.

Annotation changes

instruction/routine <pp> area contains is now ignored,
use the entered with annotation instead

instruction <pp> overwrites area is now ignored,
use the new AIS2 destroy annotation instead

Stack-transparent routines

Stack frame creation/destruction/restoration routines
are marked as stack-transparent during decoding.
If a routine is marked as stack-transparent, it uses the stack frame of the caller.
Stack effect annotations cannot be applied to stack-transparent routines.

Other stack and value analysis updates

For external routines and unresolved computed calls, the default assumption
has changed to be that the calling conventions hold and the called routines
have no stack effect. The analyzer will issue a warning every time such an assumption
is actually made, along with a suggested annotation for the program part in question.

Faster analysis for binaries with many sections (e.g. when each function is in a section of its own).

Faster stack analysis for programs with complex recursions.

The analyzer now outputs the annotations generated for later iterative
decoding phases to the text and XML report files.

The analyzer will no longer inform about loops that seem to have
fewer iterations than annotated as long as it is not an error and has
no impact on analysis precision and time.

Now ignoring area contains annotations for speculative accesses.

ARM: added support for the NEON extension.

PowerPC: improved handling of 64-bit compare instructions
used in 32-bit PowerPC code. Correct execution of 32-bit semantics
is now assumed, and a corresponding info message is issued.

TriCore:

Improved handling of syscall trap routines.

Improved loop analysis for 64-bit move instructions.

Cache and pipeline analysis

Interactive pipeline analysis visualization now available
for individual instructions in addition to basic blocks.

ARM Cortex-R4F: improved pipeline model for the FPU/VFP.

MPC7448: implemented support for 16-byte burst instruction fetches.

Path analysis

All path analysis variants now support timing specifications for loops.

Visualization and reporting

Improved HTML reporting for architectures with multiple stacks.

Changed the XSD for the output of context sensitive value analysis results
like access information.

Fixed reporting of configuration settings in report files when configurations are used.